diff options
Diffstat (limited to 'kubernetes/vvp/charts/vvp-ext-haproxy')
6 files changed, 281 insertions, 0 deletions
diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml new file mode 100644 index 0000000000..721912d3c9 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: load balancer for external transport +name: vvp-ext-haproxy +version: 3.0.0 diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file b/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file new file mode 100644 index 0000000000..ca7b40a7bc --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file @@ -0,0 +1,79 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +resolvers dns + nameserver pod_dns "10.3.0.10:53" + resolve_retries 3 + timeout retry 1s + hold valid 30s + +defaults + mode http + timeout connect 5000ms + timeout client 50000ms + timeout server 50000ms + option httpclose + option redispatch + option abortonclose + option httplog + option dontlognull + default-server init-addr last,libc,none + +backend gitlab_ssh + mode tcp + option tcplog + timeout server 2h + server gitlabssh vvp-gitlab:22 resolvers dns + +frontend gitlab_ssh_frontend + mode tcp + option tcplog + timeout client 2h + bind 0.0.0.0:22 + acl is_ssh dst_port 22 + use_backend gitlab_ssh if is_ssh + +backend portal_backend + mode http + server ice_portal vvp:8181 resolvers dns + +backend api + mode http + server engagement_manager vvp-em-uwsgi:80 resolvers dns + +backend s3 + mode http + balance roundrobin + option httpchk HEAD / + server ceph-01 10.252.0.21:8080 check inter 10000ms + +frontend portal + mode http + acl is_api_call path_beg -i /vvp + acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3. + use_backend api if is_api_call + use_backend s3 if is_s3 + bind 0.0.0.0:80 + bind 0.0.0.0:443 ssl crt /etc/haproxy/site.pem force-tlsv12 + default_backend portal_backend + +listen stats + bind 0.0.0.0:9001 + mode http + stats enable # Enable stats page + stats realm Haproxy\ Statistics + stats uri /haproxy_stats + stats auth "${HAPROXY_USER}:${HAPROXY_PASS}" + acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16 + http-request deny if !network_allowed diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml new file mode 100644 index 0000000000..0bb0e264cb --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/configmap.yaml @@ -0,0 +1,21 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-cfg + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/ext-haproxy-cfg/*").AsConfig . | indent 2 }} diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml new file mode 100644 index 0000000000..afe8c75425 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/deployment.yaml @@ -0,0 +1,66 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + name: {{ .Release.Name }} + spec: + imagePullSecrets: + - name: onapkey + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} + ports: + - containerPort: 80 + - containerPort: 22 + - containerPort: 443 + - containerPort: 9001 + env: + - name: HAPROXY_USER + valueFrom: + secretKeyRef: + name: haproxy-auth + key: user + - name: HAPROXY_PASS + valueFrom: + secretKeyRef: + name: haproxy-auth + key: pass + volumeMounts: + - mountPath: /usr/local/etc/haproxy/ + name: ext-haproxy-cfg + - mountPath: /etc/haproxy/ + name: site-pem + volumes: + - name: ext-haproxy-cfg + configMap: + name: {{ include "common.fullname" . }}-cfg + items: + - key: file + path: haproxy.cfg + - name: site-pem + secret: + secretName: site-pem diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml new file mode 100644 index 0000000000..bcc41c1671 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/templates/service.yaml @@ -0,0 +1,34 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.internalPort1 }} + name: {{ .Values.service.portName1 }} + - port: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName2 }} + - port: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.portName3 }} + - port: {{ .Values.service.internalPort4 }} + name: {{ .Values.service.portName4 }} + selector: + app: {{ include "common.name" . }} diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml b/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml new file mode 100644 index 0000000000..88b32d7d77 --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/values.yaml @@ -0,0 +1,63 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repository: nexus3.onap.org:10001 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: docker.io +image: haproxy:1.7.2-alpine +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + portName1: web + internalPort1: 80 + portName2: ssl + internalPort2: 443 + portName3: ssh + internalPort3: 22 + portName4: stats + internalPort4: 9000 + +ingress: + enabled: false |